luisgulo/photoprism
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
photoprism/internal/server/routes_wellknown.go
Michael Mayer 64b8ed572d API: Add .well-known/openid-configuration route handler #808 #3943 
This adds an initial "/.well-known/openid-configuration" service
discovery endpoint for use by OpenID Connect clients.

Signed-off-by: Michael Mayer <michael@photoprism.app>
2024-01-08 17:25:07 +01:00

74 lines
3.6 KiB
Go
Raw Blame History

package server
import (
"fmt"
"net/http"
"github.com/gin-gonic/gin"
"github.com/photoprism/photoprism/internal/acl"
"github.com/photoprism/photoprism/internal/config"
"github.com/photoprism/photoprism/internal/server/wellknown"
)
// registerWellknownRoutes configures the ".well-known" service discovery routes.
func registerWellknownRoutes(router *gin.Engine, conf *config.Config) {
// Registers the "/.well-known/oauth-authorization-server" service discovery endpoint for OAuth2 clients.
router.Any(conf.BaseUri("/.well-known/oauth-authorization-server"), func(c *gin.Context) {
response := &wellknown.OAuthAuthorizationServer{
Issuer: conf.SiteUrl(),
AuthorizationEndpoint: "",
TokenEndpoint: fmt.Sprintf("%sapi/v1/oauth/token", conf.SiteUrl()),
ScopesSupported: acl.Resources.Resources(),
ResponseTypesSupported: []string{"token"},
GrantTypesSupported: []string{"client_credentials"},
TokenEndpointAuthMethodsSupported: []string{"client_secret_basic", "client_secret_post"},
ResponseModesSupported: []string{},
SubjectTypesSupported: []string{},
ClaimsSupported: []string{},
CodeChallengeMethodsSupported: []string{},
IntrospectionEndpointAuthMethodsSupported: []string{},
RevocationEndpointAuthMethodsSupported: []string{},
EndSessionEndpoint: fmt.Sprintf("%sapi/v1/oauth/logout", conf.SiteUrl()),
RequestParameterSupported: false,
RequestObjectSigningAlgValuesSupported: []string{},
DeviceAuthorizationEndpoint: "",
DpopSigningAlgValuesSupported: []string{},
}
c.JSON(http.StatusOK, response)
})
// Registers the "/.well-known/openid-configuration" service discovery endpoint for OpenID Connect clients.
router.Any(conf.BaseUri("/.well-known/openid-configuration"), func(c *gin.Context) {
response := &wellknown.OpenIDConfiguration{
Issuer: conf.SiteUrl(),
AuthorizationEndpoint: "",
TokenEndpoint: fmt.Sprintf("%sapi/v1/oauth/token", conf.SiteUrl()),
UserinfoEndpoint: "",
RegistrationEndpoint: "",
JwksUri: "",
ResponseTypesSupported: []string{"token"},
ResponseModesSupported: []string{},
GrantTypesSupported: []string{"client_credentials"},
SubjectTypesSupported: []string{},
IdTokenSigningAlgValuesSupported: []string{},
ScopesSupported: acl.Resources.Resources(),
TokenEndpointAuthMethodsSupported: []string{"client_secret_basic", "client_secret_post"},
ClaimsSupported: []string{},
CodeChallengeMethodsSupported: []string{},
IntrospectionEndpoint: "",
IntrospectionEndpointAuthMethodsSupported: []string{},
RevocationEndpoint: "",
RevocationEndpointAuthMethodsSupported: []string{},
EndSessionEndpoint: fmt.Sprintf("%sapi/v1/oauth/logout", conf.SiteUrl()),
RequestParameterSupported: false,
RequestObjectSigningAlgValuesSupported: []string{},
DeviceAuthorizationEndpoint: "",
DpopSigningAlgValuesSupported: []string{},
}
c.JSON(http.StatusOK, response)
})
}
Reference in a new issue View git blame Copy permalink